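# Builders for per-host deployment attribute sets.
#
# Arguments:
#   pkgs      - package set, forwarded to ./pki.nix
#   cluster   - cluster description; this file reads clusterName, domain, ca,
#               initca, k8s.master and k8s.nodes from it
#   customize - optional attrset handed unchanged to every host (default {})
#   lib       - opened with `with lib;` (mkMerge is taken from it)
#   config    - accepted but not referenced in this file
#
# Result: an attrset with three groups of builders: `k8s`, `fs` and `host`.
# Every host builder has the shape `host: self: { ... }`; `host` must provide
# `name`, `address` and `hw`, and `self` is not used.
{ pkgs, cluster, customize ? {}, lib, config, ... }:

with lib;

let
  cfg = cluster;

  # Names and addresses passed to the kubelet as extra SANs: the host name,
  # the host address and loopback.
  mkSANs = host: [ host.name host.address "127.0.0.1" ];

  # NOTE(review): pki.nix is initialised with cfg.initca while gencert below
  # is given cfg.ca; confirm that two different CA attributes are intended.
  pki = import ./pki.nix {
    inherit pkgs;
    ca = cfg.initca;
  };

  # Returns `{ <host.name> = <certificate>; }` for one host. The certificate
  # is requested for the short name, the name under cfg.domain, the host
  # address and loopback, with the cluster name as organisation.
  # NOTE(review): ./pki.nix is not visible here. If gencert creates private
  # keys at build time they end up in the world-readable Nix store; confirm
  # how key material is protected.
  mkCert = host: {
    ${host.name} = pki.gencert {
      cn = host.name;
      ca = cfg.ca;
      o = cfg.clusterName;
      hosts = [
        host.name
        "${host.name}.${cfg.domain}"
        host.address
        "127.0.0.1"
      ];
    };
  };

  # Attributes common to every host builder; `clusterExtra` is placed next to
  # hostName in the per-host cluster settings merged with cfg.
  mkHost = { host, clusterExtra, imports }: {
    deployment.targetHost = host.address;
    inherit customize imports;
    cluster = mkMerge [
      cfg
      ({ hostName = host.name; } // clusterExtra)
    ];
  };

  # Module list shared by the API server and the worker nodes.
  k8sImports = host: [ host.hw ./modules.nix ../overrides/kubelet.nix ];

  # Kubelet SAN setting shared by the API server and the worker nodes.
  kubeletSANs = host: {
    services.kubernetes.kubelet.extraSANs = mkSANs host;
  };
in
{
  k8s = rec {
    # Host definition for the machine that enables k8s.master.
    apiserver = host: self:
      (mkHost {
        inherit host;
        clusterExtra = { k8s.master.enable = true; };
        imports = k8sImports host;
      }) // (kubeletSANs host);

    # Host definition for a machine that enables k8s.node.
    node = host: self:
      (mkHost {
        inherit host;
        clusterExtra = { k8s.node.enable = true; };
        imports = k8sImports host;
      }) // (kubeletSANs host);

    # One entry per machine, keyed by host name: cfg.k8s.master as API server,
    # then every element of cfg.k8s.nodes. A node that shares the master's
    # name replaces the master entry, because later `//` operands win.
    mkDeployment =
      let
        master = cfg.k8s.master;
        nodes = cfg.k8s.nodes;
        server = { "${master.name}" = apiserver master; };
      in
        builtins.foldl' (a: x: a // { "${x.name}" = node x; }) server nodes;
  };

  fs = rec {
    # Host definition carrying a certificate; imports ../overrides as well.
    mkNode = host: self:
      mkHost {
        inherit host;
        # mkCert reads host.name and host.address, so it needs the whole host
        # record. Passing host.name (a string) fails once `cert` is evaluated.
        clusterExtra = { cert = mkCert host; };
        imports = [ ../overrides host.hw ./modules.nix ];
      };

    # Attrset of mkNode results keyed by host name; later duplicates win.
    mkDeployment = nodes:
      builtins.foldl' (a: x: a // { "${x.name}" = mkNode x; }) {} nodes;
  };

  host = rec {
    # Host definition carrying a certificate, without the overrides import.
    node = host: self:
      mkHost {
        inherit host;
        # See fs.mkNode: mkCert must receive the host record, not its name.
        clusterExtra = { cert = mkCert host; };
        imports = [ host.hw ./modules.nix ];
      };

    # Attrset of node results keyed by host name; later duplicates win.
    mkDeployment = nodes:
      builtins.foldl' (a: x: a // { "${x.name}" = node x; }) {} nodes;
  };
}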